Personal Data Protection

We are committed to comply with the following Principles as prescribed under the Personal Data Protection Act 2014:-

the General Principle;

the Notice and Choice Principle;

the Disclosure Principle;

the Security Principle;

the Retention Principle;

the Data Integrity Principle; and

the Access Principle.

General Principle

We shall not process personal data (“PD”) unless the Data Subject (individual who is the owner of the personal data) has given consent to the processing.

However, we shall process PD about a Data Subject if the processing is necessary for

the performance of a contract;

taking of steps with a view to entering into a contract;

compliance with any legal obligation;

protecting the vital interests of the Data Subject;

administration of justice; or

the exercise of any functions.

Between us and suppliers, customers, employees and other individuals, the purpose of collecting, processing and storing the PD is to facilitate the identification, authorization, credential and approval of the commercial transaction and services to be undertaken, contemplated or being undertaken between us and the Data Subject or the company that the Data Subject is representing.

We shall ensure the PD collected is not excessive for the intended purpose.

We shall not use the PD for any other purpose except as stated above.

Notice and Choice Principle

We shall inform the Data Subject in writing that PD is being processed, the purposes for the collection and whether the PD will be disclosed to third party.

For Data Subjects that have provided us with PD earlier, we shall deem that the Data Subjects have consented to us processing the PD in accordance with this policy.

We do not and will not own any of the PD obtained and by forwarding the PD to us, Data Subject does not confer any ownership rights of the PD to us.

The Data Subject may choose not to consent or withdraw the prior consent given at any time by notice in writing to us addressed to the Data Protection Officer at PTD86556, Jalan Murni 12, Murni Industrial Estate, 81400 Senai, Johor. Any refusal or withdrawal of consent may jeopardize the business and services to be undertaken, contemplated or being undertaken between us and the Data Subject or the company or entity that the Data Subject is representing.

Disclosure Principle

We may disclose the PD to our companies within our group of companies, including those to be incorporated in the future and during all company activities and functions.

We may disclose the PD to third party if required to do so provided that the third party receiving the PD secures the PD with an appropriate level of security.

Security Principle

We shall take practical steps to protect the PD from any loss, misuse, modification, unauthorized or accidental access or disclosure, alteration or destruction.

Retention Principle

We shall not keep the PD longer than is necessary for the fulfillment of our obligations and business needs.

We shall destroy or permanently delete all PD if no longer required.

Data Integrity Principle

We are required to take reasonable steps to ensure that the PD is accurate, complete, not misleading and kept up-to-date.

As such, it is important for Data Subject to provide voluntary, accurate, complete, not misleading and up to date PD to us.

Access Principle

Data Subject may access and correct any PD at any time by requesting in writing to the Data Protection Officer at PTD86556, Jalan Murni 12, Murni Industrial Estate, 81400 Senai, Johor.

We shall comply with the Data Subject’s request unless it is expressly prohibited by law.

Language

In the event of any inconsistency between the English version and Bahasa Malaysia version of this Policy, the English version shall prevail over the Bahasa Malaysia version.